Shane on Apr 17th, 2006Passwords Should Always be Encrypted
I signed up with changenotes.com recently and like most web applications you have to confirm your account. When I read the confirmation e-mail I noticed the URL had my password in plain text in the url as “pass=MY_PASSWORD”!!
Web developers, you should always encrypt passwords! Passwords should be one-way hashed with a randomly generated salt. […]
